CVE-2013-4789

Published August 9th, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.

Cotonti/Cotonti

Fast, reliable and flexible PHP CMF/CMS

GitHub

101